/** * @param \Jose\Object\SignatureInterface $signature * * @throws \InvalidArgumentException */ private function checkB64HeaderAndCrit(Object\SignatureInterface $signature) { if (!$signature->hasProtectedHeader('b64')) { return; } Assertion::true($signature->hasProtectedHeader('crit'), 'The protected header parameter "crit" is mandatory when protected header parameter "b64" is set.'); Assertion::isArray($signature->getProtectedHeader('crit'), 'The protected header parameter "crit" must be an array.'); Assertion::inArray('b64', $signature->getProtectedHeader('crit'), 'The protected header parameter "crit" must contain "b64" when protected header parameter "b64" is set.'); }
/** * @param \Jose\Object\JWSInterface $jws * @param \Jose\Object\SignatureInterface $signature * @param string|null $detached_payload * * @return string */ private function getInputToVerify(Object\JWSInterface $jws, Object\SignatureInterface $signature, $detached_payload) { $encoded_protected_headers = $signature->getEncodedProtectedHeaders(); if (!$signature->hasProtectedHeader('b64') || true === $signature->getProtectedHeader('b64')) { if (null !== $jws->getEncodedPayload($signature)) { return sprintf('%s.%s', $encoded_protected_headers, $jws->getEncodedPayload($signature)); } $payload = empty($jws->getPayload()) ? $detached_payload : $jws->getPayload(); $payload = is_string($payload) ? $payload : json_encode($payload); return sprintf('%s.%s', $encoded_protected_headers, Base64Url::encode($payload)); } $payload = empty($jws->getPayload()) ? $detached_payload : $jws->getPayload(); $payload = is_string($payload) ? $payload : json_encode($payload); return sprintf('%s.%s', $encoded_protected_headers, $payload); }
/** * @param \Jose\Object\SignatureInterface $signature * * @return bool */ private static function isPayloadEncoded(SignatureInterface $signature) { return !$signature->hasProtectedHeader('b64') || true === $signature->getProtectedHeader('b64'); }